Skip to content

PDQ PowerShell Scanner best practices

Jordan Hammond fun headshot
Jordan Hammond|April 13, 2020
PowerShell Scanner Best Practices
PowerShell Scanner Best Practices

Let's dive into a few things I have found while using our PowerShell Scanner that will make your future scanners the best versions of themselves.

Cast unwanted data to $null

Have you ever been writing a script, and you notice a line you put in shows some output? Typically we can ignore that as informational, but with the PowerShell Scanner, it will capture that and return the results as part of the result. This can lead to a lot of lines in that table that you do not want and make things convoluted. A great example of this would be if you need to install a module.

Install-PackageProvider "Nuget" -Force

This will allow NuGet to be used, but it will also drop some output that looks like this.

pasted image 0 (30)

This output will show up in your scanner, which we don't need. Putting $null = in front of that line will remove all output from that line.

$null = Install-PackageProvider "Nuget" -Force

If you have completed a script and are ending up with more than you want in your results, this will help you remove everything that you don't want.

Error handling is critical

In a perfect world, all your scripts run in every scenario. We are not in an ideal world, so finding common pain points and adding error handling will allow you to not only somewhat control these errors, but also make sure the scanner error has wording that you can understand. For example, if your script requires a service to be running, you can test to make sure that it is, as well as put whatever you want in the error, so you don't have to dive in.

$CoolStatus = (Get-Service supercoolservice -ErrorAction SilentlyContinue).Status if ($CoolStatus -ne "Running") { throw "The super cool service is not currently running, find a cooler machine for this to work." }

Now, if you run this against a computer that fails to meet the coolness requirements, you will have a clear message informing you to get to hipper waters stat.

pasted image 0 (31)

Select your objects

We have covered removing stray data to keep it cleaner, but we can take that a step further. So we are at the end game of our script, all machines have met the coolness standards that we expect, and now we are making sure that the awesomeness file has the appropriate permissions, we don't want any lame people getting into this file for sure.

Get-ACL -Path “C:\supersecret$\NothingToSeeHere\Awesomeness.txt”

With this, we are looking into our file, but we are grabbing the path and the owner. We don't need that, all we need is who has access to it.

Get-ACL -Path “C:\supersecret$\NothingToSeeHere\Awesomeness.txt” | Select-Object AccesstoString

There we go, no unneeded information cluttering our precious database.

Use a script file

You have the option to manually enter your script into the scanner when you are building it, and if this is your preference have at it. However, if you are using the file option, you have a lot more source control on the script. More importantly, if you have multiple servers, you only have to correct a script once, not redo it on every server.

unnamed (13)

Wow! That is crisp, clean, and centrally stored, making updates far easier.

GitHub

If you are looking for some real-world examples of these recommendations please check out our GitHub. There are some great scripts in there that will give you some great data on your machines, as well as help you get started on creating your own. Even better, if you have created something fantastic that you would love to share, please submit it! We have some guidelines to help you get that approved here.

Conclusion

The great thing about PowerShell is that it can do just about anything you can imagine, including ensuring your drives are healthy and tracking connection speed! If you stick to these few guidelines, you will have a much easier time getting all the data that you need most. Use this new tool to become the envy of your peers. Go Forth and PowerShell!

Jordan Hammond fun headshot
Jordan Hammond

Jordan had spent his life wondering why tasks he didn’t like to do had no options to complete themselves. Eventually he had to make that happen on his own. It turned out that he enjoyed making tasks complete themselves, and PDQ thought that is something he should talk about on the internet.

Related articles